Zeile 21 | Zeile 21 |
---|
$contents = parse_page($contents); $totaltime = $maintimer->stop();
|
$contents = parse_page($contents); $totaltime = $maintimer->stop();
|
| $contents = $plugins->run_hooks("pre_output_page", $contents);
|
if($mybb->usergroup['cancp'] == 1) {
| if($mybb->usergroup['cancp'] == 1) {
|
Zeile 83 | Zeile 84 |
---|
$other = "PHP version: $phpversion / Server Load: $serverload / GZip Compression: $gzipen"; $debugstuff = "Generated in $totaltime seconds ($percentphp% PHP / $percentsql% ".$database_server.")<br />SQL Queries: $db->query_count / Global Parsing Time: $globaltime$memory_usage<br />$other<br />[<a href=\"$debuglink\" target=\"_blank\">advanced details</a>]<br />"; $contents = str_replace("<debugstuff>", $debugstuff, $contents);
|
$other = "PHP version: $phpversion / Server Load: $serverload / GZip Compression: $gzipen"; $debugstuff = "Generated in $totaltime seconds ($percentphp% PHP / $percentsql% ".$database_server.")<br />SQL Queries: $db->query_count / Global Parsing Time: $globaltime$memory_usage<br />$other<br />[<a href=\"$debuglink\" target=\"_blank\">advanced details</a>]<br />"; $contents = str_replace("<debugstuff>", $debugstuff, $contents);
|
}
| }
|
if($mybb->debug_mode == true) {
| if($mybb->debug_mode == true) {
|
Zeile 92 | Zeile 93 |
---|
}
$contents = str_replace("<debugstuff>", "", $contents);
|
}
$contents = str_replace("<debugstuff>", "", $contents);
|
$contents = $plugins->run_hooks("pre_output_page", $contents);
| |
if($mybb->settings['gzipoutput'] == 1) {
| if($mybb->settings['gzipoutput'] == 1) {
|
Zeile 743 | Zeile 743 |
---|
"location2" => 0 );
|
"location2" => 0 );
|
$db->update_query("sessions", $noperm_array, "sid='{$session->sid}'", 1);
| $db->update_query("sessions", $noperm_array, "sid='{$session->sid}'");
|
if($mybb->input['ajax']) {
| if($mybb->input['ajax']) {
|
Zeile 1466 | Zeile 1466 |
---|
$mod_cache = $cache->read("moderators");
|
$mod_cache = $cache->read("moderators");
|
foreach($mod_cache as $fid => $forum)
| foreach($mod_cache as $forumid => $forum)
|
{
|
{
|
if(!is_array($forum) || !in_array($fid, $parentslist))
| if(!is_array($forum) || !in_array($forumid, $parentslist))
|
{ // No perms or we're not after this forum continue;
| { // No perms or we're not after this forum continue;
|
Zeile 1549 | Zeile 1549 |
---|
$user_perms = user_permissions($uid); if($user_perms['issupermod'] == 1) {
|
$user_perms = user_permissions($uid); if($user_perms['issupermod'] == 1) {
|
| if($fid) { $forumpermissions = forum_permissions($fid); if($forumpermissions['canview'] && $forumpermissions['canviewthreads'] && !$forumpermissions['canonlyviewownthreads']) { return true; } return false; }
|
return true; } else
| return true; } else
|
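Review bot: The added `if($fid)` branch for super moderators calls `forum_permissions($fid)` without the `$uid` that `user_permissions($uid)` was evaluated for, so when this check runs for a user other than the one making the request, the forum view permissions are presumably taken from the current session instead. If `forum_permissions()` accepts a user id as its second argument, pass it: `$forumpermissions = forum_permissions($fid, $uid);`. A short comment such as `// Super moderators only moderate forums they can fully view` would also document why the early `return false` exists. The enclosing function starts and continues outside this hunk.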
Zeile 1559 | Zeile 1568 |
---|
if(!empty($modcache)) { foreach($modcache as $modusers)
|
if(!empty($modcache)) { foreach($modcache as $modusers)
|
{
| {
|
if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'])
|
if(isset($modusers['users'][$uid]) && $modusers['users'][$uid]['mid'])
|
{ return true; }
| { return true; }
|
elseif(isset($modusers['usergroups'][$user_perms['gid']])) { // Moderating usergroup return true; }
|
elseif(isset($modusers['usergroups'][$user_perms['gid']])) { // Moderating usergroup return true; }
|
} }
| } }
|
return false; } else
| return false; } else
|
Zeile 1592 | Zeile 1601 |
---|
return false; } }
|
return false; } }
|
}
| }
|
} }
| } }
|
Zeile 1635 | Zeile 1644 |
---|
else { $iconlist .= "<label><input type=\"radio\" name=\"icon\" value=\"".$dbicon['iid']."\" /> <img src=\"".$dbicon['path']."\" alt=\"".$dbicon['name']."\" /></label>";
|
else { $iconlist .= "<label><input type=\"radio\" name=\"icon\" value=\"".$dbicon['iid']."\" /> <img src=\"".$dbicon['path']."\" alt=\"".$dbicon['name']."\" /></label>";
|
}
| }
|
++$listed; if($listed == 10)
| ++$listed; if($listed == 10)
|
Zeile 1784 | Zeile 1793 |
---|
* @return array Unserialized data array */ function my_unserialize($data)
|
* @return array Unserialized data array */ function my_unserialize($data)
|
{
| {
|
$array = unserialize($data);
if(!is_array($array))
| $array = unserialize($data);
if(!is_array($array))
|
Zeile 1823 | Zeile 1832 |
---|
if(!is_numeric($serverload[0])) { if(@ini_get('safe_mode') == 'On')
|
if(!is_numeric($serverload[0])) { if(@ini_get('safe_mode') == 'On')
|
{
| {
|
return $lang->unknown; }
// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))
|
return $lang->unknown; }
// Suhosin likes to throw a warning if exec is disabled then die - weird if($func_blacklist = @ini_get('suhosin.executor.func.blacklist'))
|
{ if(strpos(",".$func_blacklist.",", 'exec') !== false) { return $lang->unknown; }
| { if(strpos(",".$func_blacklist.",", 'exec') !== false) { return $lang->unknown; }
|
} // PHP disabled functions? if($func_blacklist = @ini_get('disable_functions'))
| } // PHP disabled functions? if($func_blacklist = @ini_get('disable_functions'))
|
Zeile 1981 | Zeile 1990 |
---|
$update_query[$counter] = $forum[$counter] + $changes[$counter]; } else
|
$update_query[$counter] = $forum[$counter] + $changes[$counter]; } else
|
{
| {
|
$update_query[$counter] = $changes[$counter]; }
// Less than 0? That's bad
|
$update_query[$counter] = $changes[$counter]; }
// Less than 0? That's bad
|
if(!$update_query[$counter])
| if($update_query[$counter] < 0)
|
{ $update_query[$counter] = 0; }
| { $update_query[$counter] = 0; }
|
Zeile 1995 | Zeile 2004 |
---|
// Only update if we're actually doing something if(count($update_query) > 0)
|
// Only update if we're actually doing something if(count($update_query) > 0)
|
{
| {
|
$db->update_query("forums", $update_query, "fid='".intval($fid)."'"); }
// Guess we should update the statistics too?
|
$db->update_query("forums", $update_query, "fid='".intval($fid)."'"); }
// Guess we should update the statistics too?
|
if(isset($update_query['threads']) || isset($update_query['posts']) || isset($update_query['unapprovedthreads']) || isset($update_query['unapprovedposts'])) { $new_stats = array(); if(array_key_exists('threads', $update_query)) { $threads_diff = $update_query['threads'] - $forum['threads']; if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}"; } else { $new_stats['numthreads'] = "{$threads_diff}"; } }
if(array_key_exists('unapprovedthreads', $update_query)) { $unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}"; } else { $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}"; } }
| $new_stats = array(); if(array_key_exists('threads', $update_query)) { $threads_diff = $update_query['threads'] - $forum['threads']; if($threads_diff > -1) { $new_stats['numthreads'] = "+{$threads_diff}"; } else { $new_stats['numthreads'] = "{$threads_diff}"; } }
if(array_key_exists('unapprovedthreads', $update_query)) { $unapprovedthreads_diff = $update_query['unapprovedthreads'] - $forum['unapprovedthreads']; if($unapprovedthreads_diff > -1) { $new_stats['numunapprovedthreads'] = "+{$unapprovedthreads_diff}"; } else { $new_stats['numunapprovedthreads'] = "{$unapprovedthreads_diff}"; } }
if(array_key_exists('posts', $update_query)) { $posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1) { $new_stats['numposts'] = "+{$posts_diff}"; } else { $new_stats['numposts'] = "{$posts_diff}"; } }
|
|
|
if(array_key_exists('posts', $update_query))
| if(array_key_exists('unapprovedposts', $update_query)) { $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1) { $new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else
|
{
|
{
|
$posts_diff = $update_query['posts'] - $forum['posts']; if($posts_diff > -1) { $new_stats['numposts'] = "+{$posts_diff}"; } else { $new_stats['numposts'] = "{$posts_diff}"; }
| $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}";
|
}
|
}
|
| }
|
|
|
if(array_key_exists('unapprovedposts', $update_query)) { $unapprovedposts_diff = $update_query['unapprovedposts'] - $forum['unapprovedposts']; if($unapprovedposts_diff > -1) { $new_stats['numunapprovedposts'] = "+{$unapprovedposts_diff}"; } else { $new_stats['numunapprovedposts'] = "{$unapprovedposts_diff}"; } }
| if(!empty($new_stats)) {
|
update_stats($new_stats); }
| update_stats($new_stats); }
|
Zeile 2760 | Zeile 2770 |
---|
}
$prefixselect = "";
|
}
$prefixselect = "";
|
$multipleselect = "";
| |
if($multiple != 0) {
|
if($multiple != 0) {
|
$multipleselect = " multiple=\"multiple\" size=\"5\"";
| $prefixselect = "<select name=\"threadprefix[]\" multiple=\"multiple\" size=\"5\">\n"; } else { $prefixselect = "<select name=\"threadprefix\">\n";
|
}
|
}
|
$prefixselect = "<select name=\"threadprefix\"{$multipleselect}>\n";
| |
if($multiple == 1) {
| if($multiple == 1) {
|
Zeile 2986 | Zeile 2997 |
---|
$ip = 0;
|
$ip = 0;
|
if(!preg_match("#^(10|172\.16|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
| if(!preg_match("#^(10|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168)\.#", $_SERVER['REMOTE_ADDR']))
|
{ $ip = $_SERVER['REMOTE_ADDR']; }
| { $ip = $_SERVER['REMOTE_ADDR']; }
|
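Review bot: The widened pattern now covers 172.16.0.0/12 but still treats loopback (127.0.0.0/8), link-local (169.254.0.0/16) and every IPv6 address as public, and the same literal is repeated in the hunk at Zeile 3006 / 3017. PHP's built-in filter expresses the intent without a hand-written regex, e.g. `if(filter_var($_SERVER['REMOTE_ADDR'], FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false)`, and also rejects malformed values. In the second hunk `$val` appears to come from a parsed list of addresses whose origin is outside the hunk; if that list is built from a client-supplied forwarding header, the chosen `$ip` should not be relied on for bans or rate limits unless the request came through a trusted proxy. The enclosing function starts and ends outside both hunks.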
Zeile 3006 | Zeile 3017 |
---|
{ foreach($addresses[0] as $key => $val) {
|
{ foreach($addresses[0] as $key => $val) {
|
if(!preg_match("#^(10|172\.16|192\.168)\.#", $val))
| if(!preg_match("#^(10|172\.(1[6-9]|2[0-9]|3[0-1])|192\.168)\.#", $val))
|
{ $ip = $val; break;
| { $ip = $val; break;
|
Zeile 3277 | Zeile 3288 |
---|
$multipage_dropdown = null; if(!empty($navbit['multipage'])) {
|
$multipage_dropdown = null; if(!empty($navbit['multipage'])) {
|
| if(!$mybb->settings['threadsperpage'] || (int)$mybb->settings['threadsperpage'] < 1) { $mybb->settings['threadsperpage'] = 20; }
|
$multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage) {
| $multipage = multipage($navbit['multipage']['num_threads'], $mybb->settings['threadsperpage'], $navbit['multipage']['current_page'], $navbit['multipage']['url'], true); if($multipage) {
|
Zeile 3289 | Zeile 3305 |
---|
// Replace page 1 URLs $navbit['url'] = str_replace("-page-1.html", ".html", $navbit['url']); $navbit['url'] = preg_replace("/&page=1$/", "", $navbit['url']);
|
// Replace page 1 URLs $navbit['url'] = str_replace("-page-1.html", ".html", $navbit['url']); $navbit['url'] = preg_replace("/&page=1$/", "", $navbit['url']);
|
|
|
eval("\$nav .= \"".$templates->get("nav_bit")."\";"); } }
|
eval("\$nav .= \"".$templates->get("nav_bit")."\";"); } }
|
}
| }
|
$navsize = count($navbits); $navbit = $navbits[$navsize-1];
|
$navsize = count($navbits); $navbit = $navbits[$navsize-1];
|
|
|
if($nav) { eval("\$activesep = \"".$templates->get("nav_sep_active")."\";");
|
if($nav) { eval("\$activesep = \"".$templates->get("nav_sep_active")."\";");
|
}
| }
|
eval("\$activebit = \"".$templates->get("nav_bit_active")."\";"); eval("\$donenav = \"".$templates->get("nav")."\";");
|
eval("\$activebit = \"".$templates->get("nav_bit_active")."\";"); eval("\$donenav = \"".$templates->get("nav")."\";");
|
|
|
return $donenav; }
| return $donenav; }
|
Zeile 3314 | Zeile 3330 |
---|
* * @param string The name of the item to add * @param string The URL of the item to add
|
* * @param string The name of the item to add * @param string The URL of the item to add
|
*/
| */
|
function add_breadcrumb($name, $url="") { global $navbits;
| function add_breadcrumb($name, $url="") { global $navbits;
|
Zeile 3339 | Zeile 3355 |
---|
if(!is_array($forum_cache)) { cache_forums();
|
if(!is_array($forum_cache)) { cache_forums();
|
}
| }
|
foreach($forum_cache as $key => $val) { $pforumcache[$val['fid']][$val['pid']] = $val;
| foreach($forum_cache as $key => $val) { $pforumcache[$val['fid']][$val['pid']] = $val;
|
Zeile 3377 | Zeile 3393 |
---|
elseif(!empty($multipage)) { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']);
|
elseif(!empty($multipage)) { $navbits[$navsize]['url'] = get_forum_link($forumnav['fid'], $multipage['current_page']);
|
|
|
$navbits[$navsize]['multipage'] = $multipage; $navbits[$navsize]['multipage']['url'] = str_replace('{fid}', $forumnav['fid'], FORUM_URL_PAGED); }
| $navbits[$navsize]['multipage'] = $multipage; $navbits[$navsize]['multipage']['url'] = str_replace('{fid}', $forumnav['fid'], FORUM_URL_PAGED); }
|
Zeile 3576 | Zeile 3592 |
---|
echo "</body>"; echo "</html>"; exit;
|
echo "</body>"; echo "</html>"; exit;
|
}
/**
| }
/**
|
* Outputs the correct page headers. */ function send_page_headers()
| * Outputs the correct page headers. */ function send_page_headers()
|
Zeile 3879 | Zeile 3895 |
---|
{ $query = $db->simple_select("users", "*", "uid='".intval($uid)."'"); $user = $db->fetch_array($query);
|
{ $query = $db->simple_select("users", "*", "uid='".intval($uid)."'"); $user = $db->fetch_array($query);
|
}
| }
|
$groupslist = ""; $usergroups = ""; $usergroups = $user['additionalgroups'].",";
| $groupslist = ""; $usergroups = ""; $usergroups = $user['additionalgroups'].",";
|
Zeile 3944 | Zeile 3960 |
---|
else { $location = htmlspecialchars_uni($_SERVER['PHP_SELF']);
|
else { $location = htmlspecialchars_uni($_SERVER['PHP_SELF']);
|
}
| }
|
if($fields == true) {
| if($fields == true) {
|
Zeile 3980 | Zeile 3996 |
---|
else if(isset($_ENV['QUERY_STRING'])) { $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']);
|
else if(isset($_ENV['QUERY_STRING'])) { $location .= "?".htmlspecialchars_uni($_ENV['QUERY_STRING']);
|
}
| }
|
if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") || (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');
| if((isset($_SERVER['REQUEST_METHOD']) && $_SERVER['REQUEST_METHOD'] == "POST") || (isset($_ENV['REQUEST_METHOD']) && $_ENV['REQUEST_METHOD'] == "POST")) { $post_array = array('action', 'fid', 'pid', 'tid', 'uid', 'eid');
|
Zeile 4005 | Zeile 4021 |
---|
$location .= "&"; } $location .= implode("&", $addloc);
|
$location .= "&"; } $location .= implode("&", $addloc);
|
} }
| } }
|
if(strlen($location) > 150) {
| if(strlen($location) > 150) {
|
Zeile 4044 | Zeile 4060 |
---|
$query = $db->simple_select("themes", "name, pid, tid, allowedgroups", "pid != '0'", array('order_by' => 'pid, name'));
while($theme = $db->fetch_array($query))
|
$query = $db->simple_select("themes", "name, pid, tid, allowedgroups", "pid != '0'", array('order_by' => 'pid, name'));
while($theme = $db->fetch_array($query))
|
{
| {
|
$tcache[$theme['pid']][$theme['tid']] = $theme; } }
| $tcache[$theme['pid']][$theme['tid']] = $theme; } }
|
Zeile 4081 | Zeile 4097 |
---|
if($is_allowed || $theme['allowedgroups'] == "all" || $usergroup_override == true) { if($theme['tid'] == $selected)
|
if($is_allowed || $theme['allowedgroups'] == "all" || $usergroup_override == true) { if($theme['tid'] == $selected)
|
{
| {
|
$sel = " selected=\"selected\""; }
| $sel = " selected=\"selected\""; }
|
Zeile 4483 | Zeile 4499 |
---|
if(function_exists("mb_strlen")) { $string_length = mb_strlen($string);
|
if(function_exists("mb_strlen")) { $string_length = mb_strlen($string);
|
} else
| } else
|
{ $string_length = strlen($string); }
| { $string_length = strlen($string); }
|
Zeile 4684 | Zeile 4700 |
---|
$event_date = my_date($mybb->settings['dateformat'], $event_date);
return $event_date;
|
$event_date = my_date($mybb->settings['dateformat'], $event_date);
return $event_date;
|
}
/**
| }
/**
|
* Get the profile link. * * @param int The user id of the profile.
| * Get the profile link. * * @param int The user id of the profile.
|
Zeile 4695 | Zeile 4711 |
---|
function get_profile_link($uid=0) { $link = str_replace("{uid}", $uid, PROFILE_URL);
|
function get_profile_link($uid=0) { $link = str_replace("{uid}", $uid, PROFILE_URL);
|
return htmlspecialchars_uni($link); }
| return htmlspecialchars_uni($link); }
|
/** * Get the announcement link.
| /** * Get the announcement link.
|
Zeile 4708 | Zeile 4724 |
---|
{ $link = str_replace("{aid}", $aid, ANNOUNCEMENT_URL); return htmlspecialchars_uni($link);
|
{ $link = str_replace("{aid}", $aid, ANNOUNCEMENT_URL); return htmlspecialchars_uni($link);
|
}
| }
|
/** * Build the profile link.
| /** * Build the profile link.
|
Zeile 4732 | Zeile 4748 |
---|
{ // Return the guest's nickname if user is a guest but has a nickname return $username;
|
{ // Return the guest's nickname if user is a guest but has a nickname return $username;
|
} else
| } else
|
{ // Build the profile link for the registered user if(!empty($target)) { $target = " target=\"{$target}\"";
|
{ // Build the profile link for the registered user if(!empty($target)) { $target = " target=\"{$target}\"";
|
}
| }
|
if(!empty($onclick)) { $onclick = " onclick=\"{$onclick}\""; }
|
if(!empty($onclick)) { $onclick = " onclick=\"{$onclick}\""; }
|
|
|
return "<a href=\"{$mybb->settings['bburl']}/".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>"; } }
| return "<a href=\"{$mybb->settings['bburl']}/".get_profile_link($uid)."\"{$target}{$onclick}>{$username}</a>"; } }
|
Zeile 4758 | Zeile 4774 |
---|
* @return string The url to the forum. */ function get_forum_link($fid, $page=0)
|
* @return string The url to the forum. */ function get_forum_link($fid, $page=0)
|
{
| {
|
if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);
| if($page > 0) { $link = str_replace("{fid}", $fid, FORUM_URL_PAGED);
|
Zeile 4783 | Zeile 4799 |
---|
function get_thread_link($tid, $page=0, $action='') { if($page > 1)
|
function get_thread_link($tid, $page=0, $action='') { if($page > 1)
|
{ if($action) { $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);
| { if($action) { $link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);
|
} else {
| } else {
|
Zeile 4800 | Zeile 4816 |
---|
else { if($action)
|
else { if($action)
|
{
| {
|
$link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);
|
$link = THREAD_URL_ACTION; $link = str_replace("{action}", $action, $link);
|
}
| }
|
else { $link = THREAD_URL; } $link = str_replace("{tid}", $tid, $link);
|
else { $link = THREAD_URL; } $link = str_replace("{tid}", $tid, $link);
|
return htmlspecialchars_uni($link); } }
| return htmlspecialchars_uni($link); } }
|
/** * Build the post link. *
| /** * Build the post link. *
|
Zeile 4825 | Zeile 4841 |
---|
{ $link = str_replace("{tid}", $tid, THREAD_URL_POST); $link = str_replace("{pid}", $pid, $link);
|
{ $link = str_replace("{tid}", $tid, THREAD_URL_POST); $link = str_replace("{pid}", $pid, $link);
|
return htmlspecialchars_uni($link);
| return htmlspecialchars_uni($link);
|
} else {
| } else {
|
Zeile 4862 | Zeile 4878 |
---|
$link = str_replace("{month}", $month, CALENDAR_URL_DAY); $link = str_replace("{year}", $year, $link); $link = str_replace("{day}", $day, $link);
|
$link = str_replace("{month}", $month, CALENDAR_URL_DAY); $link = str_replace("{year}", $year, $link); $link = str_replace("{day}", $day, $link);
|
$link = str_replace("{calendar}", $calendar, $link);
| $link = str_replace("{calendar}", $calendar, $link);
|
return htmlspecialchars_uni($link); } else if($month > 0)
| return htmlspecialchars_uni($link); } else if($month > 0)
|
Zeile 4887 | Zeile 4903 |
---|
/** * Build the link to a specified week on the calendar
|
/** * Build the link to a specified week on the calendar
|
*
| *
|
* @param int The ID of the calendar * @param int The year * @param int The week
| * @param int The ID of the calendar * @param int The year * @param int The week
|
Zeile 5186 | Zeile 5202 |
---|
} // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html return preg_match("/^[a-zA-Z0-9&*+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]{2,}$/si", $email);
|
} // Valid local characters for email addresses: http://www.remote.org/jochen/mail/info/chars.html return preg_match("/^[a-zA-Z0-9&*+\-_.{}~^\?=\/]+@[a-zA-Z0-9-]+\.([a-zA-Z0-9-]+\.)*[a-zA-Z0-9-]{2,}$/si", $email);
|
}
/**
| }
/**
|
* Checks to see if the email is already in use by another * * @param string The email to check.
| * Checks to see if the email is already in use by another * * @param string The email to check.
|
Zeile 5201 | Zeile 5217 |
---|
$uid_string = ""; if($uid)
|
$uid_string = ""; if($uid)
|
{
| {
|
$uid_string = " AND uid != '".intval($uid)."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
| $uid_string = " AND uid != '".intval($uid)."'"; } $query = $db->simple_select("users", "COUNT(email) as emails", "email = '".$db->escape_string($email)."'{$uid_string}");
|
Zeile 5289 | Zeile 5305 |
---|
"~" ); $terms = str_replace($bad_characters, '', $terms);
|
"~" ); $terms = str_replace($bad_characters, '', $terms);
|
|
|
// Check if this is a "series of words" - should be treated as an EXACT match if(my_strpos($terms, "\"") !== false) {
| // Check if this is a "series of words" - should be treated as an EXACT match if(my_strpos($terms, "\"") !== false) {
|
Zeile 5301 | Zeile 5317 |
---|
if($phrase != "") { if($inquote)
|
if($phrase != "") { if($inquote)
|
{
| {
|
$words[] = trim($phrase); } else
| $words[] = trim($phrase); } else
|
Zeile 5326 | Zeile 5342 |
---|
} // Otherwise just a simple search query with no phrases else
|
} // Otherwise just a simple search query with no phrases else
|
{
| {
|
$terms = htmlspecialchars_uni($terms); $split_words = preg_split("#\s{1,}#", $terms, -1); if(is_array($split_words))
| $terms = htmlspecialchars_uni($terms); $split_words = preg_split("#\s{1,}#", $terms, -1); if(is_array($split_words))
|
Zeile 5339 | Zeile 5355 |
---|
} $words[] = trim($word); }
|
} $words[] = trim($word); }
|
}
| }
|
}
if(!is_array($words))
| }
if(!is_array($words))
|
Zeile 5390 | Zeile 5406 |
---|
elseif($src <= 0x007f) { $dest .= chr($src);
|
elseif($src <= 0x007f) { $dest .= chr($src);
|
}
| }
|
elseif($src <= 0x07ff) { $dest .= chr(0xc0 | ($src >> 6));
| elseif($src <= 0x07ff) { $dest .= chr(0xc0 | ($src >> 6));
|
Zeile 5413 | Zeile 5429 |
---|
{ // Out of range return false;
|
{ // Out of range return false;
|
}
| }
|
return $dest; }
| return $dest; }
|
Zeile 5426 | Zeile 5442 |
---|
* @return boolean True if banned, false if not banned */ function is_banned_username($username, $update_lastuse=false)
|
* @return boolean True if banned, false if not banned */ function is_banned_username($username, $update_lastuse=false)
|
{
| {
|
global $db; $query = $db->simple_select('banfilters', 'filter, fid', "type='2'"); while($banned_username = $db->fetch_array($query))
| global $db; $query = $db->simple_select('banfilters', 'filter, fid', "type='2'"); while($banned_username = $db->fetch_array($query))
|
Zeile 5487 | Zeile 5503 |
---|
}
// Still here - good email
|
}
// Still here - good email
|
return false; }
/**
| return false; }
/**
|
* Checks if a specific IP address has been banned. * * @param string The IP address.
| * Checks if a specific IP address has been banned. * * @param string The IP address.
|
Zeile 5692 | Zeile 5708 |
---|
if(!empty($post_body)) { $headers[] = $post_body;
|
if(!empty($post_body)) { $headers[] = $post_body;
|
} else
| } else
|
{ // If we have no post body, we need to add an empty element to make sure we've got \r\n\r\n before the (non-existent) body starts $headers[] = '';
| { // If we have no post body, we need to add an empty element to make sure we've got \r\n\r\n before the (non-existent) body starts $headers[] = '';
|
Zeile 5715 | Zeile 5731 |
---|
else if(empty($post_data)) { return @implode("", @file($url));
|
else if(empty($post_data)) { return @implode("", @file($url));
|
} else { return false; }
| } else { return false; }
|
}
/**
| }
/**
|
Zeile 5729 | Zeile 5745 |
---|
* @return boolean True if a super admin, false if not */ function is_super_admin($uid)
|
* @return boolean True if a super admin, false if not */ function is_super_admin($uid)
|
{ global $mybb;
$mybb->config['super_admins'] = str_replace(" ", "", $mybb->config['super_admins']); if(my_strpos(",{$mybb->config['super_admins']},", ",{$uid},") === false) {
| { static $super_admins;
if(!isset($super_admins)) { global $mybb; $super_admins = str_replace(" ", "", $mybb->config['super_admins']); }
if(my_strpos(",{$super_admins},", ",{$uid},") === false) {
|
return false;
|
return false;
|
}
| }
|
else
|
else
|
{
| {
|
return true; }
|
return true; }
|
| }
/** * Prevents super administrators being selected in a SELECT. * * @param boolean Prefix with an AND? * @param string The prefix to add to uid when used in a JOIN (e.g. SELECTing users u would mean using 'u' in this argument). * @return string An addition to the WHERE statement */ function not_super_admins($use_and = false, $uid_prefix = '') { static $super_admins;
if(!isset($super_admins)) { global $mybb, $db; $super_admins = $db->escape_string(str_replace(" ", "", $mybb->config['super_admins'])); }
if($super_admins) { $sql_where = ''; if($use_and) { $sql_where .= ' AND '; }
if($uid_prefix != '') { $sql_where .= $uid_prefix.'.'; }
$sql_where .= "uid NOT IN({$super_admins})";
return $sql_where; } return '';
|
}
/**
| }
/**
|
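Review bot: In the new `not_super_admins()` the list is passed through `$db->escape_string()` and then placed unquoted inside `uid NOT IN({$super_admins})`, where string escaping gives no protection and a stray comma, empty entry or non-numeric value in `$mybb->config['super_admins']` yields invalid or altered SQL. Normalising to integers is the safer form: `$super_admins = implode(',', array_filter(array_map('intval', explode(',', $mybb->config['super_admins']))));`. `$uid_prefix` is also concatenated as-is, so the docblock should state that it must be a hard-coded table alias and never request data. The `is_super_admin()` change in the same hunk caches the stripped list in a `static`, which is fine as long as the config value is not modified later in the request.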
Zeile 5784 | Zeile 5842 |
---|
if($in_escape) { $strings[] = trim($string);
|
if($in_escape) { $strings[] = trim($string);
|
}
| }
|
else { $split_strings = explode($delimeter, $string);
| else { $split_strings = explode($delimeter, $string);
|
Zeile 5796 | Zeile 5854 |
---|
} } $in_escape = !$in_escape;
|
} } $in_escape = !$in_escape;
|
}
| }
|
if(!count($strings)) { return $original;
| if(!count($strings)) { return $original;
|
Zeile 5994 | Zeile 6052 |
---|
if(!isset($orig_dir)) { $orig_dir = $path;
|
if(!isset($orig_dir)) { $orig_dir = $path;
|
}
if(@is_dir($path) && !@is_link($path)) {
| }
if(@is_dir($path) && !@is_link($path)) {
|
if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)
| if($dh = @opendir($path)) { while(($file = @readdir($dh)) !== false)
|
Zeile 6196 | Zeile 6254 |
---|
else { return "+$int";
|
else { return "+$int";
|
} }
/**
| } }
/**
|
* Returns a securely generated seed for PHP's RNG (Random Number Generator) * * @param int Length of the seed bytes (8 is default. Provides good cryptographic variance)
| * Returns a securely generated seed for PHP's RNG (Random Number Generator) * * @param int Length of the seed bytes (8 is default. Provides good cryptographic variance)
|
Zeile 6208 | Zeile 6266 |
---|
function secure_seed_rng($count=8) { $output = '';
|
function secure_seed_rng($count=8) { $output = '';
|
// Try the unix/linux method if(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb')))
| // DIRECTORY_SEPARATOR checks if running windows if(DIRECTORY_SEPARATOR != '\\') { // Unix/Linux // Use OpenSSL when available if(function_exists('openssl_random_pseudo_bytes')) { $output = openssl_random_pseudo_bytes($count); } // Try mcrypt elseif(function_exists('mcrypt_create_iv')) { $output = mcrypt_create_iv($count, MCRYPT_DEV_URANDOM); } // Try /dev/urandom elseif(@is_readable('/dev/urandom') && ($handle = @fopen('/dev/urandom', 'rb'))) { $output = @fread($handle, $count); @fclose($handle); } } else
|
{
|
{
|
$output = @fread($handle, $count); @fclose($handle);
| // Windows // Use OpenSSL when available // PHP <5.3.4 had a bug which makes that function unusable on Windows if(function_exists('openssl_random_pseudo_bytes') && version_compare(PHP_VERSION, '5.3.4', '>=')) { $output = openssl_random_pseudo_bytes($count); } // Try mcrypt elseif(function_exists('mcrypt_create_iv')) { $output = mcrypt_create_iv($count, MCRYPT_RAND); } // Try Windows CAPICOM before using our own generator elseif(class_exists('COM')) { try { $CAPI_Util = new COM('CAPICOM.Utilities.1'); if(is_callable(array($CAPI_Util, 'GetRandom'))) { $output = $CAPI_Util->GetRandom($count, 0); } } catch (Exception $e) { } }
|
}
// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
| }
// Didn't work? Do we still not have enough bytes? Use our own (less secure) rng generator
|
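Review bot: On the Windows branch `mcrypt_create_iv($count, MCRYPT_RAND)` draws from a non-cryptographic generator, so a seed obtained there is not "securely generated" as the docblock promises; prefer `MCRYPT_DEV_URANDOM` where the PHP version supports it on Windows, or fall through to the next source. Both `openssl_random_pseudo_bytes($count)` calls ignore the function's second by-reference argument, which reports whether a strong algorithm was used: `$output = openssl_random_pseudo_bytes($count, $strong); if(!$strong) { $output = ''; }`. The empty `catch (Exception $e) { }` deserves a comment saying the failure is intentional and handled by the fallback below. The function body continues outside the hunk.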
Zeile 6469 | Zeile 6569 |
---|
}
/**
|
}
/**
|
* Handles 4 byte UTF-8 characters.
| * Validates an UTF-8 string.
|
*
|
*
|
* This can be used to either reject strings which contain 4 byte UTF-8 * characters, or replace them with question marks. This is limited to UTF-8 * collated databases using MySQL. * * Original: http://www.avidheap.org/2013/a-quick-way-to-normalize-a-utf8-string-when-your-mysql-database-is-not-utf8mb4 * * @param string The string to be checked. * @param bool If false don't return the string, only the boolean result. * @return mixed Return a string if the second parameter is true, boolean otherwise.
| * @param string The string to be checked * @param boolean Allow 4 byte UTF-8 characters? * @param boolean Return the cleaned string? * @return string/boolean Cleaned string or boolean
|
*/
|
*/
|
function utf8_handle_4byte_string($input, $return=true)
| function validate_utf8_string($input, $allow_mb4=true, $return=true)
|
{
|
{
|
global $config;
if($config['database']['type'] != 'mysql' && $config['database']['type'] != 'mysqli') { if($return == true) { return $input; } return true; }
$contains_4bytes = false; if(!empty($input)) { $utf8_2byte = 0xC0 /*1100 0000*/; $utf8_2byte_bmask = 0xE0 /*1110 0000*/;
$utf8_3byte = 0xE0 /*1110 0000*/; $utf8_3byte_bmask = 0XF0 /*1111 0000*/;
$utf8_4byte = 0xF0 /*1111 0000*/; $utf8_4byte_bmask = 0xF8 /*1111 1000*/;
$sanitized = "";
| // Valid UTF-8 sequence? if(!preg_match('##u', $input)) { $string = '';
|
$len = strlen($input);
|
$len = strlen($input);
|
for($i = 0; $i < $len; ++$i) { $mb_char = $input[$i]; // Potentially a multibyte sequence $byte = ord($mb_char); if(($byte & $utf8_2byte_bmask) == $utf8_2byte)
| for($i = 0; $i < $len; $i++) { $c = ord($input[$i]); if($c > 128)
|
{
|
{
|
$mb_char .= $input[++$i]; } elseif(($byte & $utf8_3byte_bmask) == $utf8_3byte) { $mb_char .= $input[++$i]; $mb_char .= $input[++$i];
| if($c > 247 || $c <= 191) { if($return) { $string .= '?'; continue; } else { return false; } } elseif($c > 239) { $bytes = 4; } elseif($c > 223) { $bytes = 3; } elseif($c > 191) { $bytes = 2; } if(($i + $bytes) > $len) { if($return) { $string .= '?'; break; } else { return false; } } $valid = true; $multibytes = $input[$i]; while($bytes > 1) { $i++; $b = ord($input[$i]); if($b < 128 || $b > 191) { if($return) { $valid = false; $string .= '?'; break; } else { return false; } } else { $multibytes .= $input[$i]; } $bytes--; } if($valid) { $string .= $multibytes; }
|
}
|
}
|
elseif(($byte & $utf8_4byte_bmask) == $utf8_4byte) { $contains_4bytes = true; // Replace with ? to avoid MySQL exception $mb_char = '?'; $i += 3;
| else { $string .= $input[$i];
|
}
|
}
|
$sanitized .= $mb_char;
if($contains_4bytes == true && $return == false) { return false; } }
$input = $sanitized;
| } $input = $string; } if($return) { if($allow_mb4) { return $input; } else { return preg_replace("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", '?', $input); }
|
}
|
}
|
if($contains_4bytes == false && $return == false)
| else
|
{
|
{
|
return true;
| if($allow_mb4) { return true; } else { return !preg_match("#[^\\x00-\\x7F][\\x80-\\xBF]{3,}#", $input); }
|
}
|
}
|
return $input;
| |
} ?>
| } ?>
|
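Review bot: In the fallback loop of `validate_utf8_string()` the test `if($c > 128)` lets a lone byte 0x80 fall into the `else` branch and be copied as if it were ASCII, so the "cleaned" string can still contain an invalid sequence; it should read `if($c > 127)`. The lead-byte classification also accepts 0xC0/0xC1 and other overlong or surrogate encodings, so with `$return` false a string that PCRE rejected can still be reported as valid once the loop finishes; returning false after the loop in that mode would close the gap. Since the function replaces `utf8_handle_4byte_string($input, $return)` and inserts `$allow_mb4` as the second parameter, any remaining caller that passes a positional boolean changes meaning and should be checked. The docblock could say that invalid bytes are replaced with `?`.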